2 matches found
CVE-2020-9266
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajaxserver.php...
CVE-2020-9266
SOPlanning 1.45 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that lets an attacker arbitrarily change the administrator password via the endpoint process/xajax_server.php. The underlying issue is a CSRF in the admin password change flow; this is documented across multiple sour...